Account number 12956190138975700589 was incorrectly typed with an extra 1 at the end: 129561901389757005891. This is not a valid account number (it exceeds 2^64) and so resulted in overflow and was interpreted as 434692873790144579. I have added code that checks and prevents such overflows, so from now on this would return an "invalid recipient" error message. It is important to note that typo's that result in a different but valid account number will still not be caught, but in those cases it would be more obvious to the user that he has made a typo. So if the user enters the account as 12956190138975700588 for example, it will be accepted because this is a valid account number.
Most importantly, there is no evidence in the above case of a random, memory corruption type of bug, as some have feared. Adding checksums as a way to prevent user errors is a different issue, but there has been no memory corruption at play here.
Wow, I am ashamed. It indeed looks like my stupid mistake.
Still there is a small possibility that that last 1 was a result of a memory corruption, because
I do not type anything, I use the mouse to copy/paste.
And even if that was my error,
it doesn't mean that suddenly you can dismiss any possibility of memory corruption!Your, guys, for some weird reason live in some illusory world, where your code runs on 3 parallel, avionics-grade computers, which then vote on the final result.
In reality your code will run on cheap Chinese memory chips, overheated CPUs and browsers with 24 toolbars installed.
There absolutely must be a way for other nodes to validate the address.